The below blog is one we've mentioned before and it remains a refreshing read. Rather than terrify us all into submission, the Information Commissioner's Offices seems to be positioning GDPR as an evolution that we work towards, rather than an axe falling on our heads (or necks - surely to do the job properly it would be our necks?).

What's interesting here is that almost every seminar, webinar and event I've attended on GDPR seems to be banging the 72 hour 'report of a breach' drum with such fervour that fear is inevitable. Indeed it's often said that failure to do so will mean your business will be closed down and some form of mediaeval punishment delivered. At the very least you should expect to find your head on a pole outside the Tower of London. Or something...

However, the ICO seem to be taking a softer line. It looks like common sense, rather than fear, driving the fines and consequences when it comes to the GDPR.

This is a good thing and while it doesn't mean we should be complacent, it does allow us to be human.